Privacy Policy
PRIVACY POLICY
Effective Date: May 24, 2024
Last updated: May 24, 2024
SCOPE
This Privacy Policy is entered into by and between you and ReveliaDx, Inc. (“ReveliaDx”). This policy (together with our Terms of Use ) is presented to you in order to help you make an informed decision about using this website and the services provided by ReveliaDx and to explain to you what information we collect, how we store that information, and how we may use it. By using ReveliaDx.com, or any other ReveliaDx website, app, or service on which this policy appears (collectively the “ReveliaDx Services”), you are consenting to have your Personal Information (defined below) and non-personally identifiable data transferred to and/or processed in the United States in accordance with the terms of this Privacy Policy. Please do not use the ReveliaDx Services if you do not agree with this policy and any other policies listed on or within the ReveliaDx Services.
“Personal Information” means information that alone or when in combination with other information may be used to readily identify, contact, or locate you, such as: name, address, e-mail address, phone number, social security number, and insurance-issued ID numbers. “Personal Information” also includes identifiable health information collected about you. However, “Personal Information” does not include any information or data that has been anonymized so that it does not allow a third-party to identify a specific individual.
“Protected Health Information”, as defined in the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), 45 C.F.R. Parts 160, 162, and 164, means information, including demographic information, which relates to an individual’s past, present, or future physical or mental health or condition or the provision of health care to the individual, or the past, present, or future payment for the provision of health care to the individual, and that identifies the individual or for which there is a reasonable basis to believe can be used to identify the individual.
ABOUT ReveliaDx
ReveliaDx licenses software to health service providers who may use the ReveliaDx Services to provide education and digital health guidance and support to patients, monitor patient health through patient self-reporting, manage patient progress, and provide other healthcare-related services. ReveliaDx acts as a service provider for health service providers and does not own or control the data or any Protected Health Information submitted to us through the ReveliaDx Services. The information that is submitted through the ReveliaDx Service will be held subject to the requirements of our health service provider clients and applicable law, such as the Health Insurance Portability and Accountability Act (HIPAA).
PLEASE NOTE: This Privacy Policy does not reflect the privacy practices of ReveliaDx’s health service provider clients and ReveliaDx is not responsible for our clients’ privacy policies or practices. ReveliaDx does not review or monitor our health service provider clients’ privacy policies or their compliance with their respective privacy policies, nor does ReveliaDx monitor our clients’ compliance with applicable law.
INFORMATION WE COLLECT FROM YOU
Non-Personally Identifiable Information
When you use the ReveliaDx Services, we may collect certain non-personally identifiable information. This may include your browser information (including browser type, browser version, host operating system, and browser language) and your IP address. We use this information to help diagnose problems with our servers and for other administrative purposes.
In addition, the ReveliaDx Services may compile aggregate traffic information from this non-personally identifiable information. We may use this data to improve the features offered by the ReveliaDx Services.
Personal Information
We may collect information, including Personal Information and Protected Health Information, about you:
when you register to use the ReveliaDx Service;
when you interact with and use the ReveliaDx Service;
when you provide Personal Information to your health service provider;
when you upload an image, document, or any other data to the ReveliaDx Service;
when provided by your health service provider to us;
from third parties when you or your health service provider directs us to gather information from them; and
when you communicate with us.
ReveliaDx’s Use of Cookies
We use cookies on the ReveliaDx Services. By using the ReveliaDx Services, you accept the use of cookies in accordance with this Privacy Policy. If you do not accept the use of these cookies, please disable them following the instructions in this Privacy Policy.
A cookie is a small file placed on your computer's hard drive. You may refuse to accept browser cookies by activating the appropriate settings on your browser. However, if you select this setting, you may be unable to access certain parts of our Website. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you direct your browser to our Website.
Managing Cookies. You can enable, disable or delete cookies within your browser. In order to do this, follow the instructions provided by your browser (usually located within the “Help”, “Tools” or “Edit” menu). Disabling a cookie or category of cookies does not delete the cookie from your browser; you will need to do this yourself from within your browser by choosing the option to delete cookies. If you have disabled one or more analytics cookies, we may still use information collected from cookies prior to your disabled preference being set, however, we will stop using the disabled cookie to collect any further information.
USE OF INFORMATION COLLECTED
Primary Purpose of Information Collected
The information and data collected through the ReveliaDx Services, including Personal Information and/or Protected Health Information, is primarily used for the purposes of:
providing you with the products and services you request;
notifying you about changes to our service and policies; and
communicating with you.
Other Uses
ReveliaDx may also use the information we collect about you, including Personal Information, for the following purposes:
Communications.
We may periodically contact you using information supplied to the site (e.g. to provide newsletters or marketing information on new products and services). You may opt out of receiving marketing communications by clicking on the unsubscribe link at the bottom of such emails. Certain communications, such as those regarding changes to our policies or changes to services you have purchased, you may not opt out of.
Surveys and Ratings. ReveliaDx may make the content of any survey or ratings you provide public. ReveliaDx will notify you in advance how it will use any survey or rating feedback in such a request for this information.
Anonymized and Aggregate Data.
ReveliaDx may anonymize and aggregate any data collected through the ReveliaDx Service, and use it for business or research purposes. For example, we may use such anonymized and aggregate data for evaluating the performance of content and features provided through the ReveliaDx Service.
DISCLOSURE OF PERSONAL INFORMATION
Vendors and Service Providers
We may share any information we receive with vendors and service providers retained in connection with the provision of the ReveliaDx Service. When Protected Health Information is shared, as such term is defined by HIPAA, our vendors and service providers will be bound by appropriate business associate agreements as required by HIPAA.
Display or Disclosure to Health Service Providers and Others
The content you provide to the ReveliaDx Service may be displayed on the ReveliaDx Service or disclosed to others at your direction. Your health service provider (including your health service provider’s staff), will have access to certain account information, including Personal Information and Protected Health Information.  For example, when you enter biometrics or activity information, manually or through wearable technology, send private messages and/or share journal entries, your provider will be able to see your name, contact information, as well as any other health information you have provided. However, your health service provider will not have access to (i) any payment information, such as your credit card number, or (ii) your account password. You may also be permitted to share the content of your health records with third parties. ReveliaDx is not responsible for the privacy practices of others who may view and use the information you disclose to others.
Marketing and Advertising
ReveliaDx does not rent, sell, or share Personal Information about you with other third parties or non-affiliated companies for their marketing or promotional purposes.
When Required by Law.
ReveliaDx reserves the right to disclose your Personal Information, without prior notice to you, as required by law or when we believe that disclosure is necessary to comply with a law, regulation, or any legal request (e.g. court order or subpoena). Furthermore, we may share your Personal Information when we believe it is necessary to address fraud or other illegal or prohibited activity perpetrated through the ReveliaDx Services or to prevent imminent bodily harm.
Merger, Sale, or Other Asset Transfers
If ReveliaDx is involved in a merger, acquisition, reorganization, bankruptcy, receivership, sale of company assets, or transition of service to another provider, your information may be sold or transferred as part of such a transaction as permitted by law and/or contract. We cannot control how such successor entities may use or disclose such information.
With Your Permission
ReveliaDx may disclose your Personal Information according to your instructions and with your permission.
ACCESS AND CORRECTION OF PERSONAL INFORMATION
With respect to most information collected, ReveliaDx obtains your personal information on behalf of a health service provider. To request access to, correction, amendment, or deletion of such Personal Information and/or Protected Health Information, please first contact the health service provider to which the information was provided. If the health service provider is unable to resolve your request and for all other inquiries regarding your Personal Information, please contact [email protected].
SECURITY
We have implemented reasonable measures to protect the information we collect and store (e.g. hashed user password and SSL encryption), taking into consideration the types of risks we face and the reasonable protections available to us. No method of protecting information is 100% secure, and we cannot guarantee its absolute security. Consequently, we cannot ensure or warrant the security of any information you transmit to us, and you do so at your own risk. Once we receive your data, we take steps to ensure security on our systems and/or on the systems of our service providers. Please note this is not a guarantee that such information may not be accessed, disclosed, altered, or destroyed by breach of such safeguards.
ReveliaDx provides its services to health service providers, and when we process, receive or transmit Protected Health Information on behalf of such health service providers, we are acting as a “business associate” to them as regulated by HIPAA. Therefore, ReveliaDx has adopted and maintains appropriate physical, technical, and administrative policies and procedures to safeguard and secure the Protected Health Information we process, transmit, or receive. We also will not access, use, or disclose the Protected Health Information except as permitted by health service provider clients, you, and/or applicable law, including HIPAA.  ReveliaDx takes the privacy of its customers seriously and strives to protect the privacy of the Personal Information it processes, and to avoid any inadvertent disclosure.
If ReveliaDx learns of a security system breach affecting personal information and/or Protected Health Information, ReveliaDx maintains a breach notification policy pursuant to Business Associate Agreements it may have with a health service provider clients and/or  consistent with applicable law.
By using the ReveliaDx Service or providing Personal Information to us, you agree that we can communicate with you electronically regarding security, privacy, and administrative issues relating to your use of the ReveliaDx Service.
Additional Limits on the Use of Your Google User Data:
Notwithstanding anything else in this Privacy Policy, if you provide the App access to the following types of your Google data, the App’s use of that data will be subject to these additional restrictions:
– The App will only use access to read, write, modify or control Gmail message bodies (including attachments), metadata, headers, and settings to provide a web email client that allows users to compose, send, read, and process emails and will not transfer this Gmail data to others unless doing so is necessary to provide and improve these features, comply with applicable law, or as part of a merger, acquisition, or sale of assets.
– The App will not use this Gmail data for serving advertisements.
– The App will not allow humans to read this data unless we have your affirmative agreement for specific messages, doing so is necessary for security purposes such as investigating abuse, to comply with applicable law, or for the App’s internal operations and even then only when the data have been aggregated and anonymized.
INTERNATIONAL USERS
Access to and use of the ReveliaDx Service is administered in the United States and is intended for users within the United States.
PLEASE NOTE:Â If you are using the ReveliaDx Service from the European Union or other regions with laws governing data collection and use, you are agreeing to the transfer of your information to the United States for processing. By providing your information to ReveliaDx, you consent to any transfer and processing in accordance with this Privacy Policy.
PRIVACY PRACTICES OF THIRD PARTIES
When you click on links to websites or applications outside of the ReveliaDx Services, third parties may place their own cookies or other technological devices on your Internet browser or device. We have no control over these third parties and no responsibility for the technologies they employ. To learn how a particular website collects and uses your information, you should read the privacy policy of that website.
PRIVACY OF CHILDREN
ReveliaDx does not knowingly collect information from anyone under the age of 13. If we are made aware that we have received information from anyone under the age of 13, we will promptly locate and remove that information from our records.
YOUR CALIFORNIA PRIVACY RIGHTS
Under California’s “Shine the Light” law, California residents have the right to receive information from us regarding categories of Personal Information we shared with third parties for their direct marketing purposes during the previous calendar year, if any. This information will be provided free of charge, once per calendar year upon request. To request this information, please email [email protected] with the subject line “Request for California Privacy Information”. We will respond to such written requests within 30 days following receipt at the e-mail or mailing address stated above.
CHANGES TO PRIVACY POLICY
We may modify this Privacy Policy at any time, and the revised version will be effective when posted. If you are concerned about how your Personal Information is used, please review this Privacy Policy periodically. If we make material changes to this policy, including new uses of your Personal Information not already disclosed in our Privacy Policy, we will notify you here, and make reasonable efforts to notify you by email or by means of a notice on our homepage. The date of the most recent revisions will also appear on this page. Changes are effective immediately upon posting. Unless stated otherwise, our current Privacy Policy applies to all information that we have about you and your interactions with the ReveliaDx Service.
QUESTIONS
For questions or concerns regarding this Privacy Policy, please contact: [email protected].Â